What Will Be Hot at RSA 2010?

The show is one week away -- here's a prediction on which technologies will be buzzing

In the midst of the global recession, I found the RSA 2009 Conference to be a big snooze. Not much was new and the show lacked any focus.

Podcast: Security worries muddy cloud computing promises

I doubt whether this year's conference will be as lethargic. Security spending is on the rise and new regulations around data protection and breach notification are making their way through congress. With this as background, I believe the hot topics at this year's conference will include: 1. Network security. ESG Research indicates that this is the biggest security priority for most large organizations. I expect to hear about virtual devices and lightning fast multi-function security gateways. Good news for Cisco, Crossbeam, Fortinet, Juniper, and McAfee. 2. Endpoint security. There seems to be a renaissance in this category as endpoint agents consolidate and offer enhanced security protection. Advantage Kaspersky, Sophos, and Symantec. 3. Cloud security. There will be a lot of hype here about this security widget and the next but the two real interesting things will be cloud security strategy (look for the good work done by the Cloud Security Alliance), and security SaaS. Cisco's reputation service and Trend Micros Smart Protection Network are prototypical applications here. 4. Identity management. I expect massive changes in this area over the next few years as models like OpenID, Shibboleth, and PKI as a service take off. Lots of folks to talk to here including CA, IBM, Novell, and Oracle (if Oracle will answer my calls that is), and PGP. 5. Data security. I'm hoping that the discussion is less about tactical technologies like DLP, eRM, and encryption, and more about enterprise efforts around data security and information governanace. HP and IBM will have a lot to say here. 6. Cybersecurity. The Federal government is ramping up several efforts to bolster government security and improve security within critical infrastructure protection industries. Hopefully, I will have a chance to speak with DHS, US-Cert, and NSA about this. The RSA Conference is a tale of two cities. Half of the people are talking and learning about real security problems and strategies while the other half is yacking about products. I'm hoping that my time is spent on the former and not the latter.

Copyright © 2010 IDG Communications, Inc.

22 cybersecurity myths organizations need to stop believing in 2022